Security Best Practices at MetricFire

Security Best Practices at MetricFire

Table of Contents

Great systems are not just built. They are monitored.

MetricFire runs Graphite and Grafana as a fully managed service for growing engineering teams, taking care of storage, scaling, and version updates so your team doesn't have to. Plans start at $19/month, billed per metric namespace rather than per host, and include engineer-staffed support. Integrations work natively with Heroku, AWS, Azure, and GCP, and data is stored with 3× redundancy in SOC2- and ISO:27001-certified data centres.

Introduction

At MetricFire, we treat your data as our data, and we secure our data. Security is prioritized at every level of our infrastructure so you can have peace of mind that your data is sent and stored safely. Keeping MetricFire secure is fundamental to the nature of our business. One of our key priorities is to secure our customers’ metrics and trust. We diligently ensure that we comply with industry security standards so that our customers can trust that their metrics are safeguarded. There are several ways that MetricFire keeps your data secure.

              

Industry Standard Practices

Our team is big on the cyber security aspect with CISSP and Cybersecurity-certified team members. MetricFire diligently ensures that we comply with industry security standards so that our customers can trust that their metrics are in good hands. 

              

Some of the key standards we adhere to include: 

  • Annual security awareness, GDPR requirements, Phishing training
  • RBAC and the principle of least privilege enforced across teams
  • Minimum data collection is limited to a lawful basis required to provide services
  • Customer data encrypted at rest and transit
  • Regular data backups; ability to preserve for forensic purposes if required
  • Annual penetration tests and business risk reviews

           

            

Thorough Data Encryption

Compared to standard open-source Graphite, Hosted Graphite ensures that data can be safely sent to our hosted solution through secure TCP (TLS and HTTPS) or UDP carbon-format interfaces.

       

undefined

    

We use SSL/TLS encryption on all our websites and microservices to maintain the highest security and data protection standards. Sensitive Data such as connection credentials is encrypted anytime it is “at rest” in the MetricFire platform using industry-standard encryption. In addition, we regularly verify our security certificates and encryption algorithms by S3 server-side encryption AES256 using S3-managed keys to keep your data safe. For organizations managing access to multiple data sources, this encryption extends across all connection points, similar to how platforms like DreamFactory provide governed, encrypted API access to protect sensitive data at every layer.

       

Enterprise Tailored Infrastructure

MetricFire uses cloud hosting providers and inherits their physical security, business continuity, disaster recovery, and network intrusion protection for ISO:27001 and SOC2 Certified Data centers. This means that business continuity and operational resilience risk can be transferred to a robust provider with a shared responsibility model.

   

In addition to this MetricFire customers need not worry about database failures as we operate a distributed eventually consistent database built upon the open-source Gorgon. In case of failure, the workload is distributed and we store three redundant copies of everything. Queries will get back to the user with answers only when two different systems agree - this is also useful for fault tolerance. 

       

Information Security Approach

Security of customer data is a priority and by default, MetricFire does not collect or require sensitive information. We understand the sensitivity of that information and we take all steps necessary to safeguard it. Our internal policies are built on Cloud Security Alliance’s Consensus Assessments Initiative Questionnaire (CAIQ) and keeping MetricFire secure is fundamental to the nature of our business.

   

Additionally, data sent to us will never be misused. MetricFire will never sell data sent to us to third parties. We have always been supportive of the open-source principle of data portability and always will be. We built our product and company upon open-source software, so we are opposed to any practices of ‘vendor lock-in’. The data sent to us will always be yours, and you get to decide how your information is used. 

       

Conclusion

Ensuring the security of our service is consistent and reliable for our customers counts toward everything we do. MetricFire strives to maintain the highest level of security and best practices to earn our customers’ business and trust.

   

If you have any questions about security at MetricFire or would like to discuss how we can meet the security requirements of your organization to become your trusted monitoring partner please contact us at sales@metricfire.com or book a time to speak with us

You might also like other posts...
metricfire Jun 03, 2026 · 3 min read

OpenTelemetryでNGINXのパフォーマンスを簡単に監視する方法

今回は、OpenTelemetryを使ってNGINXのパフォーマンスを監視する方法を解説。NGINXの設定からOpenTelemetry Collectorの導入、Graphiteへのメトリクス送信、Grafanaダッシュボードやアラート作成までをわかりやすくご紹介します。 Continue Reading

metricfire Jun 01, 2026 · 4 min read

TelegrafでNagiosプラグインを監視する方法【設定ガイド】

Telegrafを使用してNagiosプラグインを監視する方法を解説。Nagios Pluginsの設定、Telegraf execプラグインによるメトリクス収集、Hosted GraphiteとGrafanaを活用したダッシュボード・アラート構築までをステップごとに紹介します。 Continue Reading

metricfire May 28, 2026 · 2 min read

TelegrafとMetricFireでRedisを監視する方法【設定手順を解説】

本記事では、TelegrafとMetricFireを使用してRedisを監視する方法を解説。Telegraf Agentの設定、Redis入力プラグインの構成、Grafanaダッシュボードやアラート作成まで、Redis監視の手順をステップごとにご紹介します。 Continue Reading

header image

We strive for 99.95% uptime

Because our system is your system.

14-day trial 14-day trial
No Credit Card Required No Credit Card Required